Foreword
Introduction
1 Scope
2 Normative References
2.1 Overview
2.2 Approved references
2.3 References under development
2.4 Other References
3 Definitions and conventions
3.1 Overview
3.2 Definitions
3.3 Editorial Conventions
3.4 Abbreviations, acronyms, and symbols
3.5 Keywords
3.6 T10 Vendor ID
3.7 Sorting
3.8 Terminate Communication
3.9 State Machine notation
4 Structure and Concepts
4.1 Overview
4.2 FC-SP Compliance
4.3 Fabric Security Architecture
4.4 Authentication Infrastructure
4.5 Authentication
4.6 Security Associations
4.7 Cryptographic Integrity and Confidentiality
4.8 Authorization (Access Control)
4.9 Name Format
5 Authentication Protocols
5.1 Overview
5.2 Authentication Messages Structure
5.3 Authentication Messages Common to Authentication
Protocols
5.4 DH-CHAP Protocol
5.5 FCAP Protocol
5.6 FCPAP Protocol
5.7 AUTH_ILS Specification
5.8 B_AUTH_ILS Specification
5.9 AUTH_ELS Specification
5.10 Re-Authentication
5.11 Timeouts
6 Security Association Management Protocol
6.1 Introduction
6.2 SA Management Messages
6.3 IKE_SA_Init Message
6.4 IKE_Auth Message
6.5 IKE_Create_Child_SA Message
6.6 IKE_Informational Message
6.7 Interaction with the Authentication Protocols
6.8 IKEv2 Protocol Details
7 Fabric Policies
7.1 Policies Definition
7.2 Policies Enforcement
7.3 Policies Management
7.4 Policies Check
7.5 Policy Summation ELSs
7.6 Zoning Policies
8 Combinations of Security Protocols
8.1 Entity Authentication Overview
8.2 Terminology
8.3 Scope of Security Relationships
8.4 Entity Authentication Model
8.5 Abstract Services for Entity Authentication
8.6 Nx_Port to Fabric Authentication (NFA) State Machine
8.7 Fabric from Nx_Port Authentication (FNA) State Machine
8.9 Additional Security State Machines
8.10 Impact on Other Standards
Annexes
A FC-SP Compliance Summary
A.1 Compliance Elements
A.2 Authentication Compliance Elements
A.3 SA Management Compliance Elements
A.4 Policy Compliance Elements
B Random Number Generation and RADIUS Deployment
B.1 Overview
B.2 RADIUS Servers
B.3 RADIUS Messages
B.4 RADIUS Authentication
C Examples of Proposals Negotiation for the
SA Management Protocol
D Guidelines for Mapping Access Control Requirements
to Fabric Policies
E Pre FC-SP Fabric Policy Implementations
E.1 Overview
E.2 Fabric Management Policy Set
E.3 Fabric Binding
Figures
Tables